<?php
    /**
    * Witness save
    * This action return (in ajax action mode):
    *    - Empty string: for die without notification. When you receive this value, just cleanup everything of your js code
    *    - ER....: started by ER, all flow after ER is ERROR
    *    - OK....: started by OK, all flow after OK is process result
    * @author: trungdt
    * @since: Feb 8, 2011
    * @version: 1.0
    * 
    * DB Structure
    * CREATE  TABLE IF NOT EXISTS `prayonline`.`witness` (
    `id` INT(11) NOT NULL AUTO_INCREMENT ,
    `name` TEXT NULL ,
    `content` TEXT NULL ,
    `user_id` INT(4) NULL ,
    `username` TEXT NULL ,
    `demand_id` INT(11) NULL DEFAULT -1 COMMENT '=-1: Mean not link to any demand\n' ,
    `post_date` INT(11) NULL ,
    `status` INT(1) NULL DEFAULT 0 COMMENT '=0: Wait\n=1: UnApproved\n=2: Approve\n' ,
    `unapprove_reason` TEXT NULL ,
    PRIMARY KEY (`id`) )
    ENGINE = InnoDB
    DEFAULT CHARACTER SET = utf8
    COLLATE = utf8_general_ci
    COMMENT = 'Chứa các lời chứng';
    * 
    * Change logs
    * Feb 8, 2011 - trungdt - first create
    * Feb 25, 2011 - trungdt - Search index suport
    */
    /**
    * this function called when this process want to be interruped
    * 
    */
    function witness_ajax_action_die(){
        if (exponent_javascript_inAjaxAction())
        {
            die("");
        }
        else
        {
            echo SITE_403_HTML;
        }
    }

    if (!defined("EXPONENT")) exit("");
    $demand = null;        
    $witness=null;
    $lang=exponent_lang_loadFile("modules/demandmodule/actions/demand-manage.php");
    $lang2=exponent_lang_loadFile("modules/demandmodule/demand.php");

    // build localtion
    $loc=null;
    $loc->mod="demandmodule";
    $id="";
    $demand_id="";
    $witness=null;
    if (isset($_POST['demand_id']))
    {
        $demand_id=intval($_POST['demand_id']);
        if ($demand_id > -1)
        {
            $demand=$db->selectObject("demands","id = {$demand_id}");   
            if ($demand == null )
            {
                witness_ajax_action_die();
            }
        }
        else
        {
            $demand->id=-1;
        }
        if (isset($_POST['id']))
        {
            $id=intval($_POST['id']);
            $witness=$db->selectObject("witness","id = {$id}");
        }
    }
    else
    {
        witness_ajax_action_die();
    }

    if ((
    (exponent_permissions_check("administrate",$loc) ||
    exponent_permissions_check("approve_demand",$loc)) && 
    isset($witness->id)
    ) 
    || 
    ((!isset($witness->id)) && exponent_users_isLoggedIn())
    )  {

        // check captcha
        if (!isset($witness->id))
        {
            //validator::validate(array('captcha'=>'captcha_string'), $_POST);
            $captcha_real = exponent_sessions_get('captcha_string');
            if (isset($_POST['captcha_string']) && (strtolower($_POST['captcha_string']) == strtolower($captcha_real)))
            {
                exponent_sessions_unset("captcha_string");
            }
            else
            {
                // show error: captcha not regconize
                die("ER".exponent_lang_getText("captcha_not_the_same"));
            }
        }

        $witness= demands::update_witness($_POST, $demand, $witness);

        // end of calculate
        // again we check permission
        if (isset($witness->id)  && 
        (
        exponent_permissions_check("administrate",$loc) || 
        exponent_permissions_check("approve_demand",$loc)
        )
        ) {
            $db->updateObject($witness,"witness");
        } else {
            // save ID for later use :)
            $witness->id=$db->insertObject($witness,"witness");
        }

        // Feb 25, 2011 - index this item - begin
        demandmodule::ab_spiderItem($witness, "witness");
        // Feb 25, 2011 - index this item - end

        // end 
        // if in ajax action, we return OK to let js know this process is success
        if (exponent_javascript_inAjaxAction() && ($demand_id>-1))
        {
            // 
            $witness->important_level=7;
            $witness->small_time=date('d/m/Y \<\b\r\> i:s',$witness->post_date);
            $witness->demand_tip=$lang['status_waiting'];
            demandmodule::demand_split_content($witness->content, $witness->content_hidden);

            //
            $html="";
            // we render the result
            $template=new template("demandmodule","_render_witness");
            // catch the cache
            $template->assign("object",$witness);
            $template->register_permissions(array('approve_demand',"administrate"),$loc);  
            $html=$template->render();
            die("OK".$html);
        }
        else
        {
            // else, we redirect to last page
            $params=array(
            'action'=>'my-demand',
            'module'=>'demandmodule'
            );
            $tlink=exponent_core_makeLink($params);
            $tlink.="#".$witness->id."-"._to_vietnamese_with_nomark($witness->name);
            die("SW".$tlink);
        }
    } else {
        witness_ajax_action_die();
    }


?>
